Microsoft’s Bing is looking into SSL and other privacy
settings for the next version of their search engine. Currently the site strips
SSL when forced into HTTPS and in turn, brings up an advisory on browsers signaling
an unsafe connection.
Introduced at Toorcon, the Firefox extension allows
attackers to capture site cookies from users on unsecured wireless networks and
browse under their logon.
With the advent of Firesheep and subsequently, its surge of recently
converted hackers, HTTP session hijacking is becoming more and more of a
concern. Sites like Bing will have to adopt suitable security techniques to
contend with the extensions’ further proliferation.
Firefox 4, scheduled for release by the end of the year will
reported in August, the browser will receive HTTP Strict Transport
Security, ensuring the browser always requests a safe HTTPS session from sites.
However If sites like Bing don’t implement SSL into sites, the lack of full-end
encryption will still be a problem and HTTPS won’t even be an option.